Vulnerabilities > Netgear > Wnr3500L Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-16 | CVE-2019-20692 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. | 6.7 |
| 2019-11-13 | CVE-2013-3516 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Wnr3500L Firmware and Wnr3500U Firmware NETGEAR WNR3500U and WNR3500L routers uses form tokens abased solely on router's current date and time, which allows attackers to guess the CSRF tokens. | 6.5 |
| 2019-11-13 | CVE-2013-3517 | Cross-site Scripting vulnerability in Netgear Wnr3500L Firmware and Wnr3500U Firmware Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L. | 5.4 |
| 2019-11-13 | CVE-2013-4657 | Path Traversal vulnerability in Netgear Wnr3500L Firmware and Wnr3500U Firmware Symlink Traversal vulnerability in NETGEAR WNR3500U and WNR3500L due to misconfiguration in the SMB service. | 9.8 |
| 2019-10-09 | CVE-2019-17372 | Improper Authentication vulnerability in Netgear products Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. | 8.1 |